A large cyber attack has caused chaos in the New Zealand healthcare system over the past few weeks. Multiple hospitals in New Zealand became crippled due to locked phone lines and computers from a large ransomware attack. Though the ransom note didn’t contain a dollar amount the note indicates a “ransomware event” according to the head of Waikato’s district health board Kevin Snee. In another interview he said, “It’s probably the biggest cyber attack in New Zealand’s history. We are dealing in uncharted territory here.” News outlets just today reported the group that attacked Waikato healthcare system released “documents, records, and phone numbers and addresses of patients and hospital employees” to them in an apparent double extortion attempt. We have yet to see any of this information on the darkweb but we expect the group will release the private data at some time in the future.

Nurses couldn’t look up patient information due to this attack. Nurses and doctors resorted to pen and paper and asking patients what they came for and who they came to visit. The hospitals postponed many elective surgeries and transferred patients to other facilities. The hospitals have also asked patients not to come to the emergency room due to long delays unless they need immediate care for a life-threatening injury.

Investigators have not released how the group that hacked the hospitals first got access. In most cases like this one the malware starts as an email. Users tend to create the biggest holes in a network’s security. As business owners in America, you have been watching (possibly affected) by a increasing incidents of breaches: increasing in complexity, increasing in quantity, and increasing in diversity. You can expect to see more attacks like this. As business owners, you can't blame your employees, contractors, or partners if you don't train them.

HAWK iSolutions Group suggests there are three tiers of efforts every business should make on-going investments: Basic Protection (AV, firewalls, security policies, MFA, password management), bullet-proof Backups (offsite, multiple backups per day, self-locking), and User Training (frequent training on new attack methods, attack simulations, employee security "report card" as condition of employment). Once these are accomplished, Basic Protection can be extended to Advanced Protection as deemed appropriate or affordable for each small business. You can't depend on "black hats" to honor ransom payments or to not sell "your breach" information to others resulting in new attacks on you. Click here if you want to assess your environment or discuss ways to improve your defense posture.